There is disclosed a method of authorizing an individual in information equipment as security technology for a personal communicating device based on the conventional technology, for instance, in Japanese Patent Laid-Open Publication No. HEI 7-129512 as well as in Japanese Patent Laid-Open Publication No. HEI 6-332861.
FIG. 10 shows the method of authorizing an individual in information equipment disclosed in these publications.
In the authorizing method disclosed in the example, security management for controlling access to information in the information equipment is carried out by correlating data of inputted graphics and characters or the like or handwriting with authorization data or characteristics parameters previously stored therein.
Namely, in these types of information equipment, security control is provided by, at first, receiving data in step 91, extracting the characteristics in step 92, correlating the characteristics with cryptographic data or measuring a degree of similarity between the characteristics and the handwriting parameters or the like in step 93, and further making a determination in the next step 94 as to whether each of the data is identical to the authorization or not, and releasing the access lockout and permitting access to information stored in the terminal in the next step 95 in a case where it is determined that a result of correlation is "yes".
In this case, the data inputted in step 91 is necessary to be data for particular graphics or handwriting, and further the user is required to have the cryptographic symbol or characteristics data for the handwriting stored in the main system of the terminal. For instance, in the invention on the conventional technology and disclosed in Japanese Patent Laid-Open Publication No. HEI 7-129512, it is required to write a cryptographic symbol in the terminal once, while, in the prior invention disclosed in Japanese Patent Laid-Open Publication No. HEI 6-332861, it is necessary to input characters or the like in the terminal once to authorize the handwriting, so that the inventions can not be applied, for instance, to a case where the user wants to move or open a window in a window system at the beginning of the operation. For this reason, if the inventions are applied to equipment having a user interface with large flexibility like a pen-inputted personal information terminal device, a free session may be impeded. Also, in the operation for releasing the protection described above, completely identical data is not always inputted, so that inaccuracy is inevitably left in the determination for authorizing the cryptographic symbol or handwriting.
However, in the conventional technology as described above, a method of effecting the protected state is not disclosed, and if the protection is once released, protection-released state is continued until an operation for effecting the protected state is executed again, so that, if the user forgets activate the protected state after a session to the main system of the terminal is once finished, there is the danger that anyone can access the information, and for this reason, in a case where the method for authorizing an individual as described above is applied to the pen-inputted personal information terminal device, the information may be abused.
Also, if requirements of writing graphics and characters at the beginning of the operation whenever the user uses the main system of the terminal or of setting protection each time the user leaves the terminal are added to the operation, the user can not smoothly operate the terminal, which causes a free session impeded.